Skip to content

[AAP-50420] Add Default JWT Algorithms #820

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 25, 2025
Merged

[AAP-50420] Add Default JWT Algorithms #820

merged 2 commits into from
Aug 25, 2025

Conversation

zkayyali812
Copy link
Contributor

@zkayyali812 zkayyali812 commented Aug 21, 2025
edited
Loading

Description

  • What is being changed? Updates the default for JWT_ALGORITHMS. If not specified, we will use the default from OpenIdConnectAuth.JWT_ALGORITHMS
  • Why is this change needed? This change is needed to ensure a sane default set of JWT_ALGORITHMS is applied, if none are specified.
  • How does this change address the issue? This change addresses the issue, by ensuring we apply a default, instead of specifying None.

This PR is an optional alternative to #821

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Test update
  • Refactoring (no functional changes)
  • Development environment change
  • Configuration change

Self-Review Checklist

  • I have performed a self-review of my code
  • I have added relevant comments to complex code sections
  • I have updated documentation where needed
  • I have considered the security impact of these changes
  • I have considered performance implications
  • I have thought about error handling and edge cases
  • I have tested the changes in my local environment

Testing Instructions

Prerequisites

Steps to Test

  1. Create a Generic OIDC authenticator without specifying any algorithms
  2. Ensure default algorithm is populated upon save.

Expected Results

Additional Context

Required Actions

  • Requires documentation updates
  • Requires downstream repository changes
  • Requires infrastructure/deployment changes
  • Requires coordination with other teams
  • Blocked by PR/MR: #XXX

Screenshots/Logs

@zkayyali812 zkayyali812 marked this pull request as ready for review August 21, 2025 22:25
@zkayyali812 zkayyali812 mentioned this pull request Aug 21, 2025
Open
20 tasks
tyraziel
tyraziel suggested changes Aug 25, 2025
View reviewed changes
Copy link
Contributor

@tyraziel tyraziel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we pull any tests from #821 into this PR?

@github-actions GitHub Actions
Copy link

DVCS PR Check Results:

PR appears valid (JIRA key(s) found)

tyraziel
tyraziel approved these changes Aug 25, 2025
View reviewed changes
Copy link
Contributor

@tyraziel tyraziel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@john-westcott-iv john-westcott-iv changed the title Add Default JWT Algorithms [AAP-50420] Add Default JWT Algorithms Aug 25, 2025
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@john-westcott-iv john-westcott-iv merged commit d60e4be into ansible:devel Aug 25, 2025
15 checks passed
fosterseth pushed a commit to fosterseth/django-ansible-base that referenced this pull request Sep 8, 2025
@zkayyali812 @john-westcott-iv
[AAP-50420] Add Default JWT Algorithms (ansible#820)
c44d194 
## Description
<!-- Mandatory: Provide a clear, concise description of the changes and
their purpose -->
- What is being changed? Updates the default for `JWT_ALGORITHMS`. If
not specified, we will use the default from
`OpenIdConnectAuth.JWT_ALGORITHMS`
- Why is this change needed? This change is needed to ensure a sane
default set of JWT_ALGORITHMS is applied, if none are specified.
- How does this change address the issue? This change addresses the
issue, by ensuring we apply a default, instead of specifying None.
- 
This PR is an optional alternative to ansible#821 

## Type of Change
<!-- Mandatory: Check one or more boxes that apply -->
- [x] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] Documentation update
- [ ] Test update
- [ ] Refactoring (no functional changes)
- [ ] Development environment change
- [ ] Configuration change

## Self-Review Checklist
<!-- These items help ensure quality - they complement our automated CI
checks -->
- [x] I have performed a self-review of my code
- [x] I have added relevant comments to complex code sections
- [x] I have updated documentation where needed
- [x] I have considered the security impact of these changes
- [x] I have considered performance implications
- [x] I have thought about error handling and edge cases
- [x] I have tested the changes in my local environment

## Testing Instructions
<!-- Optional for test-only changes. Mandatory for all other changes -->
<!-- Must be detailed enough for reviewers to reproduce -->
### Prerequisites
<!-- List any specific setup required -->

### Steps to Test
1. Create a Generic OIDC authenticator without specifying any algorithms
2. Ensure default algorithm is populated upon save.
3. 

### Expected Results
<!-- Describe what should happen after following the steps -->

## Additional Context
<!-- Optional but helpful information -->

### Required Actions
<!-- Check if changes require work in other areas -->
<!-- Remove section if no external actions needed -->
- [ ] Requires documentation updates
  <!-- API docs, feature docs, deployment guides -->
- [ ] Requires downstream repository changes
  <!-- Specify repos: django-ansible-base, eda-server, etc. -->
- [ ] Requires infrastructure/deployment changes
  <!-- CI/CD, installer updates, new services -->
- [ ] Requires coordination with other teams
  <!-- UI team, platform services, infrastructure -->
- [ ] Blocked by PR/MR: #XXX
  <!-- Reference blocking PRs/MRs with brief context -->

### Screenshots/Logs
<!-- Add if relevant to demonstrate the changes -->

---------

Co-authored-by: John Westcott IV <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@john-westcott-iv john-westcott-iv john-westcott-iv approved these changes

+1 more reviewer

@tyraziel tyraziel tyraziel approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@zkayyali812 @tyraziel @john-westcott-iv